Hi list
I'm testing rate-limits (BIND 9.11.2) and I'm unsure, how I've to
understand the following "stop-limiting"-log-entry:
1)
04-Jan-2018 15:09:10.852 rate-limit: info: limit responses to 1.1.1.0/24
for www.example.com IN A (7ae73d9b)
2)
04-Jan-2018 15:09:10.852 rate-limit: info: client @0x7f16440ee550
13.93.86.165#55203 (www.example.com): rate limit drop response to
1.1.1.0/24 for www.example.com IN A (7ae73d9b)
3)
04-Jan-2018 15:09:16.773 rate-limit: info: client @0x7f16440fcc30
13.93.86.165#33997 (www.example.com): rate limit drop response to
1.1.1.0/24 for www.example.com IN A (7ae73d9b)
4)
04-Jan-2018 15:10:20.266 rate-limit: info: stop limiting responses to
1.1.1.0/24 for www.example.com IN A (7ae73d9b)
- #1-#3 seems clear, because they reaches the configured threshold. But
what about the entry #4? Why does this logentry only appears about 60-65
seconds later, after I've stopped the "test"-attack (confirmed multiple
times..)?
My rate-config:
rate-limit {
responses-per-second 5;
slip 0;
window 5;
};
Many thanks.
Kind regards,
Tom
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
